Skip to Content Skip to Search

class ActiveRecord::Encryption::Properties

This is a wrapper for a hash of encryption properties. It is used by Key (public tags) and Message (headers).

Since properties are serialized in messages, it is important for storage efficiency to keep their keys as short as possible. It defines accessors for common properties that will keep these keys very short while exposing a readable name.

message.headers.encrypted_data_key # instead of message.headers[:k]

See Properties::DEFAULT_PROPERTIES, Key, Message

Constants

ALLOWED_VALUE_CLASSES

[String, ActiveRecord::Encryption::Message, Numeric, Integer, Float, BigDecimal, TrueClass, FalseClass, Symbol, NilClass]

DEFAULT_PROPERTIES

For each entry it generates an accessor exposing the full name

{
encrypted_data_key: "k",
encrypted_data_key_id: "i",
compressed: "c",
iv: "iv",
auth_tag: "at",
encoding: "e"
}

Public class methods

new(initial_properties = {})

Source code GitHub 
# File activerecord/lib/active_record/encryption/properties.rb, line 42
def initialize(initial_properties = {})
  @data = {}
  add(initial_properties)
end

Public instance methods

[]=(key, value)

Set a value for a given key

It will raise an EncryptedContentIntegrity if the value exists

Source code GitHub 
# File activerecord/lib/active_record/encryption/properties.rb, line 50
def []=(key, value)
  raise Errors::EncryptedContentIntegrity, "Properties can't be overridden: #{key}" if key?(key)
  validate_value_type(value)
  data[key] = value
end

add(other_properties)

Source code GitHub 
# File activerecord/lib/active_record/encryption/properties.rb, line 62
def add(other_properties)
  other_properties.each do |key, value|
    self[key.to_sym] = value
  end
end

to_h()

Source code GitHub 
# File activerecord/lib/active_record/encryption/properties.rb, line 68
def to_h
  data
end

validate_value_type(value)

Source code GitHub 
# File activerecord/lib/active_record/encryption/properties.rb, line 56
def validate_value_type(value)
  unless ALLOWED_VALUE_CLASSES.include?(value.class) || ALLOWED_VALUE_CLASSES.any? { |klass| value.is_a?(klass) }
    raise ActiveRecord::Encryption::Errors::ForbiddenClass, "Can't store a #{value.class}, only properties of type #{ALLOWED_VALUE_CLASSES.inspect} are allowed"
  end
end

Definition files